diff options
| author | tb <> | 2023-06-20 14:05:46 +0000 |
|---|---|---|
| committer | tb <> | 2023-06-20 14:05:46 +0000 |
| commit | e8ccdf253cfa0ff21ced6e923e65faaafc0f0e50 (patch) | |
| tree | 9c7178cba5b0888774913e389b25c805ca5747cd | |
| parent | 6b6b8b595460a702a94328314232c8cc0f254a13 (diff) | |
| download | openbsd-e8ccdf253cfa0ff21ced6e923e65faaafc0f0e50.tar.gz openbsd-e8ccdf253cfa0ff21ced6e923e65faaafc0f0e50.tar.bz2 openbsd-e8ccdf253cfa0ff21ced6e923e65faaafc0f0e50.zip | |
Clean up EVP_PKEY_CTX_meth_dup()
Explicitly check against NULL, replace malloc() plus manual zeroing with
calloc(). Use EVP_PKEY_up_ref() rather than handrolling it and use a more
normal error idiom.
There still seems to be a bug in here in that the ENGINE's refcount isn't
bumped, but that will be investigated and fixed separately.
ok jsing
| -rw-r--r-- | src/lib/libcrypto/evp/pmeth_lib.c | 41 |
1 files changed, 19 insertions, 22 deletions
diff --git a/src/lib/libcrypto/evp/pmeth_lib.c b/src/lib/libcrypto/evp/pmeth_lib.c index bec899cef1..480a36b9ed 100644 --- a/src/lib/libcrypto/evp/pmeth_lib.c +++ b/src/lib/libcrypto/evp/pmeth_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: pmeth_lib.c,v 1.27 2022/12/26 07:18:52 jmc Exp $ */ | 1 | /* $OpenBSD: pmeth_lib.c,v 1.28 2023/06/20 14:05:46 tb Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2006. | 3 | * project 2006. |
| 4 | */ | 4 | */ |
| @@ -275,43 +275,40 @@ EVP_PKEY_CTX_new_id(int id, ENGINE *e) | |||
| 275 | EVP_PKEY_CTX * | 275 | EVP_PKEY_CTX * |
| 276 | EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx) | 276 | EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx) |
| 277 | { | 277 | { |
| 278 | EVP_PKEY_CTX *rctx; | 278 | EVP_PKEY_CTX *rctx = NULL; |
| 279 | 279 | ||
| 280 | if (!pctx->pmeth || !pctx->pmeth->copy) | 280 | if (pctx->pmeth == NULL || pctx->pmeth->copy == NULL) |
| 281 | return NULL; | 281 | goto err; |
| 282 | #ifndef OPENSSL_NO_ENGINE | 282 | #ifndef OPENSSL_NO_ENGINE |
| 283 | /* Make sure it's safe to copy a pkey context using an ENGINE */ | 283 | /* Make sure it's safe to copy a pkey context using an ENGINE */ |
| 284 | if (pctx->engine && !ENGINE_init(pctx->engine)) { | 284 | if (pctx->engine != NULL && !ENGINE_init(pctx->engine)) { |
| 285 | EVPerror(ERR_R_ENGINE_LIB); | 285 | EVPerror(ERR_R_ENGINE_LIB); |
| 286 | return 0; | 286 | goto err; |
| 287 | } | 287 | } |
| 288 | #endif | 288 | #endif |
| 289 | rctx = malloc(sizeof(EVP_PKEY_CTX)); | 289 | if ((rctx = calloc(1, sizeof(*rctx))) == NULL) { |
| 290 | if (!rctx) | 290 | EVPerror(ERR_R_MALLOC_FAILURE); |
| 291 | return NULL; | 291 | goto err; |
| 292 | } | ||
| 292 | 293 | ||
| 293 | rctx->pmeth = pctx->pmeth; | 294 | rctx->pmeth = pctx->pmeth; |
| 294 | #ifndef OPENSSL_NO_ENGINE | 295 | #ifndef OPENSSL_NO_ENGINE |
| 295 | rctx->engine = pctx->engine; | 296 | rctx->engine = pctx->engine; |
| 296 | #endif | 297 | #endif |
| 297 | 298 | ||
| 298 | if (pctx->pkey) | 299 | if ((rctx->pkey = pctx->pkey) != NULL) |
| 299 | CRYPTO_add(&pctx->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY); | 300 | EVP_PKEY_up_ref(rctx->pkey); |
| 300 | 301 | if ((rctx->peerkey = pctx->peerkey) != NULL) | |
| 301 | rctx->pkey = pctx->pkey; | 302 | EVP_PKEY_up_ref(rctx->peerkey); |
| 302 | |||
| 303 | if (pctx->peerkey) | ||
| 304 | CRYPTO_add(&pctx->peerkey->references, 1, CRYPTO_LOCK_EVP_PKEY); | ||
| 305 | |||
| 306 | rctx->peerkey = pctx->peerkey; | ||
| 307 | 303 | ||
| 308 | rctx->data = NULL; | ||
| 309 | rctx->app_data = NULL; | ||
| 310 | rctx->operation = pctx->operation; | 304 | rctx->operation = pctx->operation; |
| 311 | 305 | ||
| 312 | if (pctx->pmeth->copy(rctx, pctx) > 0) | 306 | if (pctx->pmeth->copy(rctx, pctx) <= 0) |
| 313 | return rctx; | 307 | goto err; |
| 308 | |||
| 309 | return rctx; | ||
| 314 | 310 | ||
| 311 | err: | ||
| 315 | EVP_PKEY_CTX_free(rctx); | 312 | EVP_PKEY_CTX_free(rctx); |
| 316 | return NULL; | 313 | return NULL; |
| 317 | } | 314 | } |